IMHO, the CEH certification is not going to open any security related doors for you. You can pass the CEH having never popped a single machine. It may impress the average Joe/HR person but anyone who knows the security industry is probably not going to be impressed. The OSCP cert. for example requires you to crack X number of machines in a 24 hour period. Now THAT'S impressive. Put it this way, CEH is to OSCP like Algebra is to Quantum Physics.

The EC Council training focuses too heavily on tools - as Hoffman points out, more than 250 tools. Who uses that many? Also, the slides and info need a serious proofreader. And ECC seems to think that dumping a boat load of information on you constitutes training, it doesn't.

Now, it's not entirely bad. While it covers a lot of info without any depth, it is a good utility for the pen tester novice. You'e exposed to a wide range of hacking/pen testing methods. Like I said, Algebra. I would recommend approaching the ECC's training with caution - the DVD's with Eric Reed is pretty good but the printed material and labs are a travesty. From what I've read on Amazon reviews the quality of material seems to be consistent with anything put out (read "Official") by EC Council.

For good measure, CEH material has gotten a LOT better over the past couple revisions. I thought version 7 was pretty good in terms of proofreading and slimming down the number of tools *actually* used. That said, there are still a lot of tools.

CEH is a good introduction to a security career, but as DragonGorge says it's certainly not the end-all cert. If you are interested in hacking for knowledge, stick around here, check out securitytube, and then do CEH if you're still interested. If you want to pursue infosec as a career, do CEH knowing you will need way more experience and higher level certs.

"Live as though you would die tomorrow, learn as though you would live forever."